[strongSwan] Running on AWS behind Elastic IP

[Mathew Marulla]

Confused now...   Is your VPN entirely within AWS?  If not, how are you connecting over the public internet with a private IP?

I'm going to do a quick network diagram this evening so I can communicate better what I am trying to do.

Cheers,

- Matt

> On Nov 16, 2016, at 1:16 PM, Turbo Fredriksson <turbo at bayour.com> wrote:
> 
>> On 16 Nov 2016, at 17:56, Mathew Marulla <matt_m at me.com> wrote:
>> 
>> If I am reading your reply correctly, it seems you are getting this to work by not using an elastic IP, but just the public IP of your instance.  Then using a script to update it as needed.  Maybe that’s the only way…
>> 
>> I will try removing the elastic IP and seeing if the instance is aware of it’s own public IP, i.e.; by looking in ifconfig.  Because the elastic IP certainly does not show up there.
> 
> No, that should be the _private_ IP! That’s the only one that StrongSWAN is/will be aware of
> and that’s the IP it binds to..
> 
> It doesn’t need to know about the EIP.